A Confidential Virtual Machine (Confidential VM) is a type of N2D Compute Engine VM running on hosts based on the second generation of AMD EPYC processors, code-named "Rome." Using AMD Secure Encrypted Virtualization (SEV), Confidential VM provides both performance and security for enterprise-class, high-memory workloads: its inline memory encryption does not introduce a significant performance penalty for those workloads.
These capabilities allow you to keep your data and apps encrypted at all times, including while sensitive data is being processed in memory. Google does not have access to the memory encryption keys. Alongside encryption of data in transit, and encryption of data at rest using customer-managed encryption keys (CMEK) or customer-supplied encryption keys (CSEK), Confidential VM adds a "third pillar" to the end-to-end encryption story by encrypting data while in use. Confidential VM can therefore help alleviate concerns about dependency on Google infrastructure and about Google insiders' access to customer data in the clear.
You can select the Confidential VM service when creating a new VM using the Google Cloud Console, the Compute Engine Beta API, or the
The AMD Rome processor family is optimized for compute-heavy workloads, with high memory capacity, high throughput, and support for parallel workloads. In addition, AMD SEV provides the hardware basis for Confidential Computing.
AMD SEV offers high performance for demanding computational tasks while keeping all of a VM's memory encrypted with a dedicated per-VM key generated in hardware. The AMD Platform Security Processor (PSP) generates the key when the VM is launched; the key resides solely within the processor and is never exposed to the host hypervisor or to Google.
Security and privacy features
With the confidential execution environments provided by Confidential VM and AMD SEV, Google Cloud keeps customers' sensitive code and other data encrypted in memory during processing.
Memory encryption ensures that data is encrypted while it's in RAM. Main memory encryption is performed by dedicated hardware in the on-die memory controllers: each controller includes a high-performance Advanced Encryption Standard (AES) engine that encrypts data as it is written to DRAM or shared between sockets, and decrypts it when the data is read back. This makes the content of memory more resistant to memory snooping and cold boot attacks. Note what this does and does not cover: data is in the clear once it is inside the CPU (caches and registers), which is what allows the guest to compute on it, and memory encryption by itself is a confidentiality mechanism rather than an integrity one. Within the guest, the OS sees ordinary plaintext memory; the encryption is transparent to the applications running in the VM.
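As an added example (not code from this page or from Google's tooling), the following C program shows what a Linux guest can check for itself to confirm that SEV is in effect. It decodes the AMD CPUID leaf Fn8000_001F ("Encrypted Memory Capabilities"), which reports SME/SEV/SEV-ES/SEV-SNP support and the position of the C-bit used to mark encrypted pages, and the SEV_STATUS MSR (C001_0131), which reports whether SEV is actually enabled for the running guest. The register layouts follow the AMD64 Architecture Programmer's Manual; the function and struct names are my own, and the `/dev/cpu/0/msr` path assumes the Linux `msr` driver.

```c
/* Guest-side check of AMD SEV state. Added example, not from the Google Cloud page.
 * Decodes CPUID Fn8000_001F (Encrypted Memory Capabilities) and the SEV_STATUS MSR
 * (C001_0131) as documented in the AMD64 Architecture Programmer's Manual.
 * Build: cc -O2 -o sevcheck sevcheck.c ; run inside the VM, as root, after `modprobe msr`. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

#define AMD_CPUID_ENC_MEM 0x8000001FU  /* CPUID leaf: Encrypted Memory Capabilities */
#define MSR_AMD64_SEV     0xC0010131U  /* SEV_STATUS MSR (guest-readable) */

struct enc_mem_caps {
    bool sme, sev, sev_es, sev_snp;   /* EAX bits 0, 1, 3, 4 */
    unsigned c_bit;                   /* EBX[5:0]: physical address bit used as the C (encrypt) bit */
    unsigned phys_addr_reduction;     /* EBX[11:6]: guest physical address bits consumed by the C bit */
    uint32_t num_encrypted_guests;    /* ECX: concurrent SEV guests the platform supports */
    uint32_t min_sev_asid;            /* EDX: lowest ASID usable for SEV (non-ES) guests */
};

struct sev_status {
    bool sev_enabled, sev_es_enabled, snp_enabled;  /* MSR bits 0, 1, 2 */
};

/* Pure decoders, so the bit layout can be exercised without SEV hardware. */
struct enc_mem_caps decode_enc_mem_caps(uint32_t eax, uint32_t ebx, uint32_t ecx, uint32_t edx)
{
    struct enc_mem_caps c;
    memset(&c, 0, sizeof c);
    c.sme     = (eax >> 0) & 1;
    c.sev     = (eax >> 1) & 1;
    c.sev_es  = (eax >> 3) & 1;
    c.sev_snp = (eax >> 4) & 1;
    c.c_bit   = ebx & 0x3F;
    c.phys_addr_reduction  = (ebx >> 6) & 0x3F;
    c.num_encrypted_guests = ecx;
    c.min_sev_asid         = edx;
    return c;
}

struct sev_status decode_sev_status(uint64_t msr)
{
    struct sev_status s;
    s.sev_enabled    = (msr >> 0) & 1;
    s.sev_es_enabled = (msr >> 1) & 1;
    s.snp_enabled    = (msr >> 2) & 1;
    return s;
}

/* Read one MSR through the Linux msr driver (root + `modprobe msr`). Returns 0 or -errno. */
int read_msr(uint32_t msr, uint64_t *value)
{
    int fd = open("/dev/cpu/0/msr", O_RDONLY);
    if (fd < 0) return -errno;
    if (lseek(fd, (off_t)msr, SEEK_SET) < 0 || read(fd, value, sizeof *value) != (ssize_t)sizeof *value) {
        int e = errno ? errno : EIO;
        close(fd);
        return -e;
    }
    close(fd);
    return 0;
}

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
/* Query the live CPUID leaf; false if the CPU does not expose it (non-AMD, or hidden from the guest). */
bool query_enc_mem_caps(struct enc_mem_caps *out)
{
    unsigned eax, ebx, ecx, edx;
    if (__get_cpuid_max(0x80000000U, NULL) < AMD_CPUID_ENC_MEM) return false;
    __cpuid(AMD_CPUID_ENC_MEM, eax, ebx, ecx, edx);
    *out = decode_enc_mem_caps(eax, ebx, ecx, edx);
    return true;
}
#else
bool query_enc_mem_caps(struct enc_mem_caps *out) { (void)out; return false; }  /* x86 only */
#endif

int main(void)
{
    struct enc_mem_caps caps;
    if (!query_enc_mem_caps(&caps)) {
        puts("CPUID 8000_001F not available: not an SEV-capable AMD CPU, or the leaf is not exposed to this guest");
        return 1;
    }
    printf("Capabilities: SME=%d SEV=%d SEV-ES=%d SEV-SNP=%d, C-bit=%u, phys addr reduction=%u, guests=%u, min SEV ASID=%u\n",
           caps.sme, caps.sev, caps.sev_es, caps.sev_snp, caps.c_bit, caps.phys_addr_reduction,
           caps.num_encrypted_guests, caps.min_sev_asid);

    uint64_t msr;
    int rc = read_msr(MSR_AMD64_SEV, &msr);
    if (rc != 0) {  /* no msr driver or not root: fall back to the kernel's own boot message */
        printf("SEV_STATUS MSR unreadable (%s); check: dmesg | grep -i 'memory encryption'\n", strerror(-rc));
        return caps.sev ? 0 : 1;
    }
    struct sev_status st = decode_sev_status(msr);
    printf("SEV_STATUS=0x%llx: SEV=%d SEV-ES=%d SNP=%d\n", (unsigned long long)msr,
           st.sev_enabled, st.sev_es_enabled, st.snp_enabled);
    return st.sev_enabled ? 0 : 1;  /* exit 0 only when SEV is active for this guest */
}
```

The capability leaf only says what the platform supports; SEV_STATUS bit 0 is what the Linux kernel itself consults at boot to decide whether it is running encrypted, and the kernel logs the result in a `dmesg` line that names the active memory encryption features, which is the quick check when the MSR driver is unavailable. Treat this as a local sanity check rather than proof: CPUID values reach the guest through the hypervisor, so a host-independent answer comes from launch attestation or from the Cloud Monitoring validation the page links to below.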
- To quickly get started creating a new Confidential VM instance, see Quickstart: Creating a Confidential VM instance.
- For in-depth instructions about how to create a new Confidential VM instance, see Creating a Confidential VM instance.
- To learn about monitoring the state of your Confidential VM instance, see Validating Confidential VM using Cloud Monitoring.